I previously write a gist about how to set up v2ray + openvpn to unblock gfw and netflix
Refers to that gist for more detail.
In short, this a solution to proxy your network to bypass Firewall with stable connections, and also unblock Proxy detection for Netflix/Spotify/etc....
In my use case from China network:
(V2ray service can be both client and server)
- Visit
baidu/qqfrom my IP directly. -- fast network speed for local resource. - Proxy
youtube/googlerequest to the VPS, from my VPS's IP. -- Unblock GFW. - Proxy
netflix/spotifyrequest to the VPS, VPS then proxy the request to a VPN vendor through wireguard tunnel, this time use the VPN vendor's IP. -- Unblock Netflix Proxy Detection.
Things that needs to be prepared.
-
A VPS that can ssh into
- Use a CN2 network or CN2 GIA network to gain fast netowk speed if you're from China.
- Can use the vendor same as mine: bandwagonhost(you need to login, click Client Area -> Services -> Order New Services to get CN2 server)
- Or search CN2 here
- Use a CN2 network or CN2 GIA network to gain fast netowk speed if you're from China.
-
A wireguard config(vpn vendor that can unblock netflix/spotify)
ssh into your VPS, install v2ray server, recommand using this one line installer
bash <(curl -s -L https://git.io/v2ray.sh)Then pasted your v2ray configuration to your device
- v2rayN for windows
- v2rayNG for Android
- V2rayU for Mac
- kitsunebi for IOS
Setup wireguard proxy follow my repo wireguard_socks5_docker
# tested only on Ubuntu/Debian
git clone https://github.com/zpoint/wireguard_socks5_docker.git
cd wireguard_socks5_docker
# build image
bash ./build.sh
# copy the configure file you downloaded to ./config/wg0.conf, or pasted the content
vim ./config/wg0.conf
# start container
bash ./start.sh
# test connection
bash ./test.shvim /etc/v2ray/config.jsonPart of my configuration
"inbounds": [
{
"port": 8888,
"protocol": "vmess",
"settings": {
"clients": [
{
// private config
}
]
},
"streamSettings": {
"network": "ws"
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
}
}
]
"outbounds": [
{
"settings": {},
"protocol": "freedom"
},
// ...
{
"protocol": "socks",
"settings": {
"servers": [{
"port": 9050,
"address": "localhost"
}]
},
"streamSettings": {
"tcpSettings": {
"header": {
"type": "none"
}
},
"network": "tcp",
"security": "none"
},
"tag": "streaming"
}
]
"routing": {
"rules": [
{
"type": "field",
"domain": [
"domain:btstatic.com",
"domain:netflix.com",
"domain:netflix.net",
"domain:nflxext.com",
"domain:nflximg.com",
"domain:nflximg.net",
"domain:nflxsearch.net",
"domain:nflxso.net",
"domain:nflxvideo.net",
"domain:fast.com",
"domain:fast.ca",
"domain:netflixinvestor.com",
"domain:byspotify.com",
"domain:pscdn.co",
"domain:scdn.co",
"domain:spoti.fi",
"domain:spotify-everywhere.com",
"domain:spotify.com",
"domain:spotify.design",
"domain:spotifycdn.com",
"domain:spotifycdn.net",
"domain:spotifycharts.com",
"domain:sspotifycodes.com",
"domain:spotifyforbrands.com",
"domain:spotifyjobs.com"
],
"outboundTag": "streaming"
}
]
}
More domain rules refers to here
Then restart v2ray
systemctl restart v2rayOr select reboot menu here
v2rayCheck logs under /var/log/v2ray/ if you encounter configuration error after restart.
Hi OP,
I have
Issue I had is when v2ray and wireguard peer is both up, the v2ray is not able to be connected, if I turn off the wireguard peer, then the v2ray works perfectly on its own.
What I want from this config is to let Chinese users be able to visit internal IPs like 10.x.x.x whichever device connects to the VPS (B), but for other traffics, we can just use v2ray to proxy, how should I config in this case?
proxy 10.x.x.x only in v2ray config?